<html><body>
<style>

body, h1, h2, h3, div, span, p, pre, a {
  margin: 0;
  padding: 0;
  border: 0;
  font-weight: inherit;
  font-style: inherit;
  font-size: 100%;
  font-family: inherit;
  vertical-align: baseline;
}

body {
  font-size: 13px;
  padding: 1em;
}

h1 {
  font-size: 26px;
  margin-bottom: 1em;
}

h2 {
  font-size: 24px;
  margin-bottom: 1em;
}

h3 {
  font-size: 20px;
  margin-bottom: 1em;
  margin-top: 1em;
}

pre, code {
  line-height: 1.5;
  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}

pre {
  margin-top: 0.5em;
}

h1, h2, h3, p {
  font-family: Arial, sans serif;
}

h1, h2, h3 {
  border-bottom: solid #CCC 1px;
}

.toc_element {
  margin-top: 0.5em;
}

.firstline {
  margin-left: 2 em;
}

.method  {
  margin-top: 1em;
  border: solid 1px #CCC;
  padding: 1em;
  background: #EEE;
}

.details {
  font-weight: bold;
  font-size: 14px;
}

</style>

<h1><a href="gmail_v1.html">Gmail API</a> . <a href="gmail_v1.users.html">users</a> . <a href="gmail_v1.users.settings.html">settings</a> . <a href="gmail_v1.users.settings.cse.html">cse</a> . <a href="gmail_v1.users.settings.cse.identities.html">identities</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
  <code><a href="#close">close()</a></code></p>
<p class="firstline">Close httplib2 connections.</p>
<p class="toc_element">
  <code><a href="#create">create(userId, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Creates and configures a client-side encryption identity that's authorized to send mail from the user account. Google publishes the S/MIME certificate to a shared domain-wide directory so that people within a Google Workspace organization can encrypt and send mail to the identity. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.</p>
<p class="toc_element">
  <code><a href="#delete">delete(userId, cseEmailAddress, x__xgafv=None)</a></code></p>
<p class="firstline">Deletes a client-side encryption identity. The authenticated user can no longer use the identity to send encrypted messages. You cannot restore the identity after you delete it. Instead, use the CreateCseIdentity method to create another identity with the same configuration. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.</p>
<p class="toc_element">
  <code><a href="#get">get(userId, cseEmailAddress, x__xgafv=None)</a></code></p>
<p class="firstline">Retrieves a client-side encryption identity configuration. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.</p>
<p class="toc_element">
  <code><a href="#list">list(userId, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
<p class="firstline">Lists the client-side encrypted identities for an authenticated user. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.</p>
<p class="toc_element">
  <code><a href="#list_next">list_next()</a></code></p>
<p class="firstline">Retrieves the next page of results.</p>
<p class="toc_element">
  <code><a href="#patch">patch(userId, emailAddress, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Associates a different key pair with an existing client-side encryption identity. The updated key pair must validate against Google's [S/MIME certificate profiles](https://support.google.com/a/answer/7300887). For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.</p>
<h3>Method Details</h3>
<div class="method">
    <code class="details" id="close">close()</code>
  <pre>Close httplib2 connections.</pre>
</div>

<div class="method">
    <code class="details" id="create">create(userId, body=None, x__xgafv=None)</code>
  <pre>Creates and configures a client-side encryption identity that&#x27;s authorized to send mail from the user account. Google publishes the S/MIME certificate to a shared domain-wide directory so that people within a Google Workspace organization can encrypt and send mail to the identity. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.

Args:
  userId: string, The requester&#x27;s primary email address. To indicate the authenticated user, you can use the special value `me`. (required)
  body: object, The request body.
    The object takes the form of:

{ # The client-side encryption (CSE) configuration for the email address of an authenticated user. Gmail uses CSE configurations to save drafts of client-side encrypted email messages, and to sign and send encrypted email messages. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.
  &quot;emailAddress&quot;: &quot;A String&quot;, # The email address for the sending identity. The email address must be the primary email address of the authenticated user.
  &quot;primaryKeyPairId&quot;: &quot;A String&quot;, # If a key pair is associated, the ID of the key pair, CseKeyPair.
  &quot;signAndEncryptKeyPairs&quot;: { # The configuration of a CSE identity that uses different key pairs for signing and encryption. # The configuration of a CSE identity that uses different key pairs for signing and encryption.
    &quot;encryptionKeyPairId&quot;: &quot;A String&quot;, # The ID of the CseKeyPair that encrypts signed outgoing mail.
    &quot;signingKeyPairId&quot;: &quot;A String&quot;, # The ID of the CseKeyPair that signs outgoing mail.
  },
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # The client-side encryption (CSE) configuration for the email address of an authenticated user. Gmail uses CSE configurations to save drafts of client-side encrypted email messages, and to sign and send encrypted email messages. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.
  &quot;emailAddress&quot;: &quot;A String&quot;, # The email address for the sending identity. The email address must be the primary email address of the authenticated user.
  &quot;primaryKeyPairId&quot;: &quot;A String&quot;, # If a key pair is associated, the ID of the key pair, CseKeyPair.
  &quot;signAndEncryptKeyPairs&quot;: { # The configuration of a CSE identity that uses different key pairs for signing and encryption. # The configuration of a CSE identity that uses different key pairs for signing and encryption.
    &quot;encryptionKeyPairId&quot;: &quot;A String&quot;, # The ID of the CseKeyPair that encrypts signed outgoing mail.
    &quot;signingKeyPairId&quot;: &quot;A String&quot;, # The ID of the CseKeyPair that signs outgoing mail.
  },
}</pre>
</div>

<div class="method">
    <code class="details" id="delete">delete(userId, cseEmailAddress, x__xgafv=None)</code>
  <pre>Deletes a client-side encryption identity. The authenticated user can no longer use the identity to send encrypted messages. You cannot restore the identity after you delete it. Instead, use the CreateCseIdentity method to create another identity with the same configuration. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.

Args:
  userId: string, The requester&#x27;s primary email address. To indicate the authenticated user, you can use the special value `me`. (required)
  cseEmailAddress: string, The primary email address associated with the client-side encryption identity configuration that&#x27;s removed. (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format
</pre>
</div>

<div class="method">
    <code class="details" id="get">get(userId, cseEmailAddress, x__xgafv=None)</code>
  <pre>Retrieves a client-side encryption identity configuration. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.

Args:
  userId: string, The requester&#x27;s primary email address. To indicate the authenticated user, you can use the special value `me`. (required)
  cseEmailAddress: string, The primary email address associated with the client-side encryption identity configuration that&#x27;s retrieved. (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # The client-side encryption (CSE) configuration for the email address of an authenticated user. Gmail uses CSE configurations to save drafts of client-side encrypted email messages, and to sign and send encrypted email messages. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.
  &quot;emailAddress&quot;: &quot;A String&quot;, # The email address for the sending identity. The email address must be the primary email address of the authenticated user.
  &quot;primaryKeyPairId&quot;: &quot;A String&quot;, # If a key pair is associated, the ID of the key pair, CseKeyPair.
  &quot;signAndEncryptKeyPairs&quot;: { # The configuration of a CSE identity that uses different key pairs for signing and encryption. # The configuration of a CSE identity that uses different key pairs for signing and encryption.
    &quot;encryptionKeyPairId&quot;: &quot;A String&quot;, # The ID of the CseKeyPair that encrypts signed outgoing mail.
    &quot;signingKeyPairId&quot;: &quot;A String&quot;, # The ID of the CseKeyPair that signs outgoing mail.
  },
}</pre>
</div>

<div class="method">
    <code class="details" id="list">list(userId, pageSize=None, pageToken=None, x__xgafv=None)</code>
  <pre>Lists the client-side encrypted identities for an authenticated user. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.

Args:
  userId: string, The requester&#x27;s primary email address. To indicate the authenticated user, you can use the special value `me`. (required)
  pageSize: integer, The number of identities to return. If not provided, the page size will default to 20 entries.
  pageToken: string, Pagination token indicating which page of identities to return. If the token is not supplied, then the API will return the first page of results.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    {
  &quot;cseIdentities&quot;: [ # One page of the list of CSE identities configured for the user.
    { # The client-side encryption (CSE) configuration for the email address of an authenticated user. Gmail uses CSE configurations to save drafts of client-side encrypted email messages, and to sign and send encrypted email messages. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.
      &quot;emailAddress&quot;: &quot;A String&quot;, # The email address for the sending identity. The email address must be the primary email address of the authenticated user.
      &quot;primaryKeyPairId&quot;: &quot;A String&quot;, # If a key pair is associated, the ID of the key pair, CseKeyPair.
      &quot;signAndEncryptKeyPairs&quot;: { # The configuration of a CSE identity that uses different key pairs for signing and encryption. # The configuration of a CSE identity that uses different key pairs for signing and encryption.
        &quot;encryptionKeyPairId&quot;: &quot;A String&quot;, # The ID of the CseKeyPair that encrypts signed outgoing mail.
        &quot;signingKeyPairId&quot;: &quot;A String&quot;, # The ID of the CseKeyPair that signs outgoing mail.
      },
    },
  ],
  &quot;nextPageToken&quot;: &quot;A String&quot;, # Pagination token to be passed to a subsequent ListCseIdentities call in order to retrieve the next page of identities. If this value is not returned or is the empty string, then no further pages remain.
}</pre>
</div>

<div class="method">
    <code class="details" id="list_next">list_next()</code>
  <pre>Retrieves the next page of results.

        Args:
          previous_request: The request for the previous page. (required)
          previous_response: The response from the request for the previous page. (required)

        Returns:
          A request object that you can call &#x27;execute()&#x27; on to request the next
          page. Returns None if there are no more items in the collection.
        </pre>
</div>

<div class="method">
    <code class="details" id="patch">patch(userId, emailAddress, body=None, x__xgafv=None)</code>
  <pre>Associates a different key pair with an existing client-side encryption identity. The updated key pair must validate against Google&#x27;s [S/MIME certificate profiles](https://support.google.com/a/answer/7300887). For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.

Args:
  userId: string, The requester&#x27;s primary email address. To indicate the authenticated user, you can use the special value `me`. (required)
  emailAddress: string, The email address of the client-side encryption identity to update. (required)
  body: object, The request body.
    The object takes the form of:

{ # The client-side encryption (CSE) configuration for the email address of an authenticated user. Gmail uses CSE configurations to save drafts of client-side encrypted email messages, and to sign and send encrypted email messages. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.
  &quot;emailAddress&quot;: &quot;A String&quot;, # The email address for the sending identity. The email address must be the primary email address of the authenticated user.
  &quot;primaryKeyPairId&quot;: &quot;A String&quot;, # If a key pair is associated, the ID of the key pair, CseKeyPair.
  &quot;signAndEncryptKeyPairs&quot;: { # The configuration of a CSE identity that uses different key pairs for signing and encryption. # The configuration of a CSE identity that uses different key pairs for signing and encryption.
    &quot;encryptionKeyPairId&quot;: &quot;A String&quot;, # The ID of the CseKeyPair that encrypts signed outgoing mail.
    &quot;signingKeyPairId&quot;: &quot;A String&quot;, # The ID of the CseKeyPair that signs outgoing mail.
  },
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # The client-side encryption (CSE) configuration for the email address of an authenticated user. Gmail uses CSE configurations to save drafts of client-side encrypted email messages, and to sign and send encrypted email messages. For administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope. For users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.
  &quot;emailAddress&quot;: &quot;A String&quot;, # The email address for the sending identity. The email address must be the primary email address of the authenticated user.
  &quot;primaryKeyPairId&quot;: &quot;A String&quot;, # If a key pair is associated, the ID of the key pair, CseKeyPair.
  &quot;signAndEncryptKeyPairs&quot;: { # The configuration of a CSE identity that uses different key pairs for signing and encryption. # The configuration of a CSE identity that uses different key pairs for signing and encryption.
    &quot;encryptionKeyPairId&quot;: &quot;A String&quot;, # The ID of the CseKeyPair that encrypts signed outgoing mail.
    &quot;signingKeyPairId&quot;: &quot;A String&quot;, # The ID of the CseKeyPair that signs outgoing mail.
  },
}</pre>
</div>

</body></html>